package ace.module.account.core.impl.controller.rest.admin.ext;

import ace.cmp.core.model.R;
import ace.cmp.security.oauth2.resource.server.core.annotation.PreAuthorizeIsUserAuthenticated;
import ace.module.account.api.model.input.ModifyPasswordInput;
import ace.module.account.core.impl.service.IamAccountPasswordService;
import ace.module.security.api.AuthenticationApi;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import lombok.AllArgsConstructor;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
* 账户的密码 admin controller.
*
* @author Caspar
*/
@Tag(name = "账户的密码-管理-API")
@PreAuthorizeIsUserAuthenticated
@AllArgsConstructor
@RestController
@RequestMapping(IamAccountPasswordExtAdminController.PATH)
@Valid
public class IamAccountPasswordExtAdminController {
  public static final String PATH = "/account/iam-account-password";
  private static final String URI_MODIFY_PASSWORD = "/modifyPassword";
  public static final String URL_MODIFY_PASSWORD = PATH + "/modifyPassword";
  private final IamAccountPasswordService iamAccountPasswordService;
  private final AuthenticationApi authenticationApi;

  @PostMapping(URI_MODIFY_PASSWORD)
  @Operation(summary = "修改密码", description = "")
  public R<Void> modify(@Valid @RequestBody ModifyPasswordInput request) {
    Long accountId = authenticationApi.getAndCheckCurrentAccountId();
    return iamAccountPasswordService.modifyPassword(
        accountId,
        request.getOldPassword(),
        request.getNewPassword(),
        request.getConfirmPassword());
  }
}
